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CLAIM AMENDMENTS 

1 1 . (Currently Amended) A method of establishing a secure communication session among a 

2 plurality of member nodes that participate in a multicast group across a wide area 

3 network, comprising the steps of: 

4 receiving information defining a plurality of multicast proxy service nodes , wherein: 

5 the plurality of multicast service nodes that are distributed across a local ar e a 

6 n e twork that is coupl e d to the wide area network; and 

7 the plurality of multicast service nodes for controlling control when any of the 

8 plurality of member nodes join or leave the multicast group ; and ff /|] 

9 wh e r e in 

1 0 the plurality of multicast proxy service nodes are logically represented by a 

1 1 first binary tree , wherein: 

12 each node of the first binary tree is associated with a domain of a 

13 plurality of domains of a directory service that is distributed 

14 across the wide area network; and 

15 each node of the first binary tree is associated with one or more 

16 multicast proxy service nodes of the plurality of multicast 

17 proxy service nodes; 

1 8 creating and storing a second binary tree for r e pr e s e nting that represents the plurality 

1 9 of member nodes, wherein; 

20 each of the member nodes of the plurality of member nodes is represented by 

21 a leaf node of the second binary tree; [[,]] 

22 the second binary tree that is stored in a particular domain of the plurality of 

23 domains of [[a]] the directory service that is distributed across the 

24 wide area network; [[,]] and wh e r e in 

25 a root node of the second binary tree represents one or more of the multicast 

26 proxy service nodes of the plurality of multicast proxy service nodes; 

27 and 

28 each of the member nodes of the plurality of member nodes is capable of 

29 establishing multicast communication and serving as a key distribution 

30 center; 
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3 1 creating and storing a group session key associated with the multicast group and a 

32 private key associated with each member node in-a of the multicast g roup 

33 using secure key exchange; 

34 when one of the an additional member nod e s node j oins the multicast group, 

35 determining a new group session key by replicating a branch of the second 

36 binary tree. 

1 2. (Currently Amended) A method as recited in Claim 1, wherein each of the member 

2 nodes is associated with at least one of the multicast proxy service nodes, wherein each of 

3 the multicast proxy service nodes acts as one of a plurality of r e plicat e d group 

4 controllers, further comprising the steps of: 

5 joining on e of th e an additional g roup controll e rs controller to the plurality of 

6 r e plicat e d group controllers in th e local ar e a n e twork , wherein each group 

7 controller of the plurality of group controllers is a replica of another group 

8 controller of the plurality of group controllers ; 

9 establishing, by one of the group controllers, a secure communication channel 

10 between one of the group controllers and another of the group controllers 

1 1 using a key exchange protocol; 

12 receiving a request to add or delete the a_specified member node of the multicast 

1 3 group from a load balancer that is coupled to the plurality of group 

14 controllers; 

1 5 creating and storing a the new group session key for each member node in each 

1 6 branch of the second binary tree that is affected by adding or deleting the 

1 7 specified member node from the multicast g roup; 

1 8 distributing the new group session key from one of the group controllers to the 

1 9 aff e ct e d member nodes that are affected by adding or deleting the specified 

20 member node . 

1 3. (Cancelled) 
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1 4. (Currently Amended) A method as recited in Claim 2, wherein distributing a the new 

2 group session key further comprises the steps of : 

3 determining wh e th e r that the multicast group has a specified member node that is 

4 leaving the multicast group; 

5 determining which of the intermediate nodes of the second binary tree are affected by 

6 the l e aving specified member node that is leaving ; 

7 updating only keys associated with the aff e ct e d intermediate nodes that are affected 

8 by the specified member node that is leaving ; and 

9 g e n e rating a n e w group s e ssion k e y; and 

10 sending the new group session key to the leaf nodes of the second binary tree that 

11 correspond to the member nodes that are affected by deleting the specified 

12 member node , 

1 5. (Cancelled) 

1 6. (Currently Amended) A method as recited in Claim 2, wherein distributing a the new 

2 group session key further comprises the steps of : 

3 receiving a request message from on e of th e plurality of the specified member nod e s 

4 node to join the multicast group; 

5 determining which of the intermediate nodes of the second binary tree are affected by 

6 the joining specified member node that is joining the multicast group ; 

7 updating only keys associated with the aff e ct e d intermediate nodes that are affected 

8 by the specified member node that is joining ; 

9 generating a new group s e ssion k e y and a private key for the joining specified 

10 member node that is joining ; and 

1 1 sending a message comprising the new group session key, the private key, and the 

12 updated keys of aff e ct e d intermediate nodes that are affected to the joining 

13 member node that is joining . 

1 7. (Cancelled) 
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1 8. (Cancelled) 
1 9. (Cancelled) 



1 10. (Currently Amended) A method as recited in Claim 1 , wherein determining a the new 

2 group session key further comprises the step of computing a group shared secret key at a 

3 first member node of the plurality of member nodes for use in a public key process and 

4 using less than n * (n-1) messages, where "n" is a number of member nodes in a 

5 broadcast or the multicast group, by the steps of: 

6 generating an intermediate shared secret key by issuing communications to a second 

7 member node of the plurality of member nodes ; 

8 sending a first private value associated with the first member node to the second 

9 member node; [|Yn and 

10 receiving from the second member node a second private value associated with the 

1 1 second member node using the intermediate shared secret key; 

12 generating and communicating a collective public key that is based upon the first 

13 private value and the second private value to a third member node of the 

14 plurality of member nodes n e twork ; 

1 5 receiving an individual public key from the third member node; and 

16 computing and storing the group shared secret key based upon the individual public 

17 key. 

1 11. (Cancelled) 

1 12. (Currently Amended) A method as recited in Claim 10, wherein the step of 

2 communicating the collective public key further comprises the step of determining 

3 whether the first member node or the second member node transfers the collective public 

4 key based upon an order of entry of sueh the first and second member nodes into a the 

5 multicast group. 

1 13. (Cancelled) 
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1 14. (Cancelled) 

1 15. (Currently Amended) A method as recited in Claim 10, wherein g e n e rating computing 

2 and storing the group shared secret key valu e further comprises the steps of computing 

3 and storing the a group shared secret key value "k" at the first member node according to 

4 the relatiom 

5 k = C ab mod (q) = p abc mod (q); 

6 wherein: 

7 C, a, b, c, q, and p are values stored in a memory, and wh e rein 

8 C is the individual public key, 

9 a is the first p rivate value of the first member node, 

10 b is the second p rivate value of the second member node, 

11 c is a third private value of the third member node, 

12 p is a base value, and 

13 q is a prime number value. 

1 1 6. (Currently Amended) A method as recited in Claim 1 , wherein determining a the new 

2 group session key further comprises the step of computing a group shared secret key, 

3 each of the member nodes of the plurality of member nodes having a private key valu e 

4 associated therewith, by the steps of: 

5 communicating a first public key valu e of the a_first member node of the plurality of 

6 member nodes to a second member node of the plurality of member nodes ; 

7 creating and storing an initial shared secret key for the first member node and the 

8 second member node based on a first private key valu e and a second public 

9 key valu e that is received from the second member node; 

10 creating and storing information at the first member node that associates the first 

1 1 member node with a first network communication entity by generating a 

12 collective public key valu e that is shared by the first member node and a the 

1 3 second member node , wherein the collective public key is and based on the 

14 first private key valu e and a second private key valu e that is derived by the 

1 5 first member node from the second public key valu e; 
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1 6 receiving a third public key value from a third member node of the plurality of 

1 7 member nodes that seeks to join the first network communication entity; 

1 8 creating and storing a final shared secret key value based on the collective public key 

1 9 valu e and the athird public key valu e; 

20 joining the first member node to a second n e twork communication entity that includes 

21 the first n e twork communication entity and the third member node and that 

22 uses secure communication with messages that are encrypted using the final 

23 shared secret key valu e. 



1 17. (Cancelled) 
1 18. (Cancelled) 
1 19. (Cancelled) 



1 20. (Currently Amended) A method as recited in Claim i9 16, further comprising the steps 

2 of creating and storing a subsequent shared secret key for use by the first entity and the 

3 third member node to enable the third member node to independently compute the group 

4 shared secret key, wherein creating and storing the subsequent shared secret key further 

5 comprises the steps of creating and storing the a_subsequent shared secret ke y value , k, 

6 according to the relation; 

7 k = p (a * x)(b * y)(c * z) mod(q) 

8 where; 

9 p = a random number, 

10 q = a prime number, 

11 a - the first private key valu e, 

12 b = the second private key valu e, 

13 c = a third p rivate key valu e of the third member node, 

14 x = a number of times the first member node has participated in entity 

15 formation, 

16 y = a number of times the second member node has participated in entity 

17 formation, and 
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18 z = a number of times the third member node has participated in entity 

19 formation. 

1 21. (Cancelled) 

1 22. (Cancelled) 

1 23. (Currently Amended) A method as recited in Claim 16, wherein creating and storing an 

2 the_initial shared secret key for the first member node and second member node further 

3 comprises the steps of creating and storing an initial shared public key value "AB" 

4 according to the relation: 

5 AB = k ab ab mod (q) = p (ab)(ab) mod (q) 

6 wherein^ 

7 k = the initial shared secret key valu e, 

8 a = the first private key valu e, 

9 b = the second private key valu e, 

10 p is a base value, and 

11 q is a randomly generated prime number valu e. 

1 24. (Currently Amended) A method as recited in Claim 1, further comprising the steps of: 

2 authenticating a first e v e nt multicast proxy service node with a subset of the event 

3 multicast proxy service nodes of the plurality of multicast proxy service nodes 

4 that are affected by an addition of the first e vent multicast proxy service node 

5 to the multicast group, based on key information stored in a directory; 

6 wherein authenticating the first multicast proxy service node based on key 

7 information stored in the directory includes authenticating the first multicast 

8 proxy service node based on the directory that comprises a directory system 

9 agent (PSA) for communicating with one or more of the multicast proxy 

10 service nodes and a replication service agent (USA) for replicating attribute 

1 1 information of one or more multicast proxy service nodes, wherein the 

12 attribute information comprises the group session key and the private keys of 

13 the one or more multicast proxy service nodes; 

9 
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14 receiving a plurality of private keys from the subset of multicast proxy service nodes: 

1 5 generating a new private key for the first e v e nt multicast proxy service node; 

16 communicating the plurality of private keys and the new private key to the first e v e nt 

1 7 multicast proxy service node; 

1 8 communicating a message to the subset of multicast proxy service nodes that causes 

19 the subset of multicast proxy service nodes to update their private keys; 

20 distributing the new group session key to all multicast proxy service nodes of the 

21 plurality of multicast proxy service nodes by the steps of: 

22 creating and storing the new group session key using a particular multicast 

23 proxy service node of a particular domain of the plurality of domains 

24 of the directory service, wherein the particular domain is associated 

25 with the directory; 

26 replicating the directory; and 

27 obtaining the new group session key from a local multicast proxy service node 

28 that is a replica of the first multicast proxy service node. 



1 25. (Cancelled) 

1 26. (Cancelled) 

1 27. (Cancelled) 

1 28. (Cancelled) 

1 29. (Cancelled) 

1 30. (Cancelled) 



1 31. (Currently Amended) A method as recited in Claim 30 24, further comprising the step of 

2 selectively updating the group session key and the private keys A by wherein the step of 

3 selectively updating further comprises the steps of : 

4 detecting whether a n e twork member node of the plurality of member nodes that is 

5 associated with one of the leaf nodes is leaving the s e cure multicast or 

6 broadcast group; 
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7 determining one or more tree nodes along a tree path in the second binary tree that 

8 corresponds corr e sponding to the leaving leaf node , wherein the one or more 

9 tree nodes are affected in response to the detecting step; 

1 0 updating the private keys of the aff e ct e d int e rm e diat e one or more tree nodes; 

11 one of the affected intermediate nodes that is a parent node of the leaving leaf node 

12 generating a the new group session key and selectively sending the new group 

13 session key to all ancestral nodes along the tree path ; 

14 modifying the attribut e key information based upon the updated private keys and the 

1 5 new group session key; and 

16 generating instructions that distribute the modified attribut e key information using 

1 7 directory replication. 

1 32. (Cancelled) 

1 33. (Cancelled) 

1 34. (Currently Amended) A method as recited in Claim 24, further comprising the step of 

2 selectively updating a the g roup session key and the private keys, wherein the step of 

3 selectively updating further comprises the steps of : 

4 receiving a request message from a new n e twork member node to join the s e cur e 

5 multicast group; 

6 determining which of th e int e rm e diat e one or more tree nodes along a tree path in the 

7 second binary tree that corresponds corr e sponding to the ajiew leaf node in 

8 the second binary tree for the new member node, wherein the one or more 

9 nodes are affected in response to the receiving step; 

1 0 updating the private keys of the aff e ct e d int e rm e diat e one or more tree nodes; 

11 one of the affected intermediate nodes that is a parent node of the new leaf node 

12 requesting permission from a root node of the second binary tree to generate 

13 the new session key and generating a the new group session key and a private 

14 key of the new leaf node; 

1 5 modifying the attribute key information based upon the updated private keys, the new 

16 group session key, and the private key of the new leaf node; and 
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1 7 di s tributing generating instructions that distribute the modified attribut e key 

1 8 information using directory replication. 

1 35. (Cancelled) 

1 36. (Cancelled) 

1 37. (Cancelled) 

1 38. (Currently Amended) A method as recited in Claim 1, further comprising the steps of: 

2 cr e ating and storing a the g roup session key associated with the multicast group ina 

3 directory of the directory service; 

4 authenticating a first multicast proxy service node with a subset of the multicast 

5 proxy service nodes of the plurality of multicast proxy service nodes that are 

6 affected by an addition of the first multicast proxy service node to the 

7 multicast group, based on the group session key stored in the directory; 

8 receiving a plurality of private keys from the subset of multicast proxy service nodes; 

9 receiving a the new group session key for the multicast group, for use after addition 

10 of the first multicast proxy service node, from a directory system agent (PSA) 

11 of a local multicast proxy service node that has received the new g roup 

1 2 session key through periodic replication of the directory by a replication 

13 service agent (RSA) of the local multicast proxy service node, wherein the 

14 RSA is signaled to carry out replication by storing an updated group session 

15 key in a local node of the directory ; 

16 communicating the new group session key privat e key to the first multicast proxy 

1 7 service node; 

1 8 communicating a message to the subset of multicast proxy service nodes that causes 

19 the subset o f multicast proxy service nodes to update their private keys. 

1 39. (Cancelled) 

1 40. (Cancelled) 

1 41. (Cancelled) 
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1 42. (Currently Amended) A method as recited in Claim 38, further comprisin g the steps of: 

2 distributing a the g roup session key to all member nodes of the plurality of member 

3 nodes by creating and storing the group session key using a fifst particular 

4 multicast proxy service node of the plurality of multicast proxy service nodes, 

5 wherein the particular multicast proxy service node is associated with a 

6 particular efefte-domain of the plurality of domains, and wherein the 

7 particular domain is associated with e f the directory; 

8 replicating the directory; and 

9 obtaining the group session key from a local multicast proxy service node that is a 
1 0 replica of the Sfst particular multicast proxy service node. 



1 43. (Cancelled) 

1 44. (Cancelled) 

1 45. (Cancelled) 

1 46. (Cancelled) 



1 47. (Currently Amended) A method as recited in Claim 38, further comprising the steps of: 

2 associating a plurality of intermediate nodes of the second binary tree with a plurality 

3 of multicast service agents; 

4 establishing a secure back channel group among the plurality of multicast service 

5 agents; 

6 updating the group session key to all the multicast service agents in the plurality of 

7 multicast service agents by securely communicating the group session key 

8 using the a^secure back channel that is associated with the secure back channel 

9 group ; 

10 at each intermediate node of the plurality of intermediate nodes , updating the group 

1 1 session key of only those leaf nodes that are child nodes of the said each 

1 2 intermediate node. 
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1 48. (Currently Amended) A method as recited in Claim 38, further comprising the steps of: 

2 receiving a request for the group session key from a publisher node that is located in a 

3 different domain of the plurality of domains from the group controll e r node 

4 particular domain in which is stored the second binary tree ; 

5 determining an identifier of the publisher node using a local first directory service 

6 agent that is associated with a particular multicast proxy service node of the 

7 plurality of multicast proxy service nodes, wherein the particular multicast 

8 proxy service node is in the particular domain ; 

9 establishing a secure communication channel among the group controller particular 

10 multicast proxy service node and a directory service agent that is associated 

11 with a different multicast proxy service node of the plurality of multicast 

12 proxy service nodes, wherein the different multicast proxy service node is in 

1 3 the different domain. 

1 49. (Cancelled) 
1 50. (Cancelled) 

1 51. (Currently Amended) A method as recited in Claim 1 , further comprising the step of 

2 managing removal of a first member node from the s e cur e multicast group that comprises 

3 th e first nod e and a plurality of th e multicast proxy s e rvic e nod e s , wherein managing 

4 removal of the first member node further comprises b y the steps of: 

5 creating and storing a the g roup session key associated with the multicast group and a 

6 private key associated with each member node of the plurality of member 

7 nodes in a directory; 

8 receiving information indicating that the first member node is leaving the multicast group; 

9 updating all affected keys of a subset of member nodes of the plurality of member 

1 0 nodes in a branch of the second binary tree that contains the l e aving first 

1 1 member node that is leaving ; 
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12 receiving a- the new group session key for the multicast group, for use after removal 

1 3 of the first member node, and a new private key for a parent node of the first 

14 member node, from a local group controll e r multicast proxy service node of 

15 the plurality of multicast proxy service nodes ; 

16 communicating a message to the subset of member nodes that causes the subset of 

1 7 member nodes to update their private keys. 

1 52. (Cancelled) 

1 53. (Cancelled) 

1 54. (Currently Amended) A method as recited in Claim 51, further comprising the steps of: 

2 associating a plurality of intermediate nodes of the second binary tree with a plurality 

3 of multicast service agents; 

4 establishing a secure back channel group among the plurality of multicast service 

5 agents; 

6 updating the group session key to all the multicast service agents in the plurality of 

7 multicast service agents by securely communicating the group session key 

8 using the a^secure back channel that is associated with the secure back channel 

9 group ; 

10 at each intermediate node of the plurality of intermediate nodes , updating the group 

1 1 session key of only those leaf nodes that are child nodes of the said each 

12 intermediate node. 

1 55. (Currently Amended) A method as recited in Claim 51, further comprising the steps of: 

2 receiving a request for the group session key from a publisher node that is located in a 

3 different domain of the plurality of domains from the group controll e r node 

4 particular domain in which is stored the second binary tree ; 

5 determining an identifier of the publisher node using a ieeal first directory service 

6 agent that is associated with a particular multicast proxy service node of the 

7 plurality of multicast proxy service nodes, wherein the particular multicast 

8 proxy service node is in the particular domain ; 
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9 establishing a secure communication channel among the group controll e r particular 

1 0 multicast proxy service node and a directory service agent that is associated 

11 with a different multicast proxy service node of the plurality of multicast 

12 proxy service nodes, wherein the different multicast proxy service node is in 

1 3 the different domain. 

1 56. (Currently Amended) A method as recited in Claim 51, further comprisin g the steps of: 

2 distributing a the g roup session key to all member nodes of the plurality of member 

3 nodes by creating and storing the group session key using a fifst particular 

4 multicast proxy service node of the plurality of multicast proxy service nodes, 

5 wherein the particular multicast proxy service node is associated with a 

6 particular e£efte-domain of the plurality of domains, and wherein the 

7 particular domain is associated with e f the directory; 

8 replicating the directory; and 

9 obtaining the group session key from a local multicast proxy service node that is a 
10 replica of the fkst particular multicast proxy service node. 



1 57. (Cancelled) 



1 58. (Cancelled) 

1 59. (New) A computer-readable medium carrying one or more sequences of instructions for 

2 establishing a secure communication session among a plurality of member nodes that 

3 participate in a multicast group across a wide area network, wherein execution of the one 

4 or more sequences of instructions by one or more processors causes the one or more 

5 processors to perform the steps of: 

6 receiving information defining a plurality of multicast proxy service nodes, wherein: 

7 the plurality of multicast service nodes are distributed across the wide area 

8 network; 

9 the plurality of multicast service nodes control when any of the plurality of 
10 member nodes join or leave the multicast group; and 
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1 1 the plurality of multicast proxy service nodes are logically represented by a 

1 2 first binary tree, wherein: 

13 each node of the first binary tree is associated with a domain of a 

14 plurality of domains of a directory service that is distributed 

1 5 across the wide area network; and 

16 each node of the first binary tree is associated with one or more 

1 7 multicast proxy service nodes of the plurality of multicast 

18 proxy service nodes; 

19 creating and storing a second binary tree that represents the plurality of member 

20 nodes, wherein: 

21 each of the member nodes of the plurality of member nodes is represented by 

22 a leaf node of the second binary tree; 

23 the second binary tree is stored in a particular domain of the plurality of 

24 domains of the directory service that is distributed across the wide area 

25 network; 

26 a root node of the second binary tree represents one or more of the multicast 

27 proxy service nodes of the plurality of multicast proxy service nodes; 

28 and 

29 each of the member nodes of the plurality of member nodes is capable of 

30 establishing multicast communication and serving as a key distribution 

31 center; 

32 creating and storing a group session key associated with the multicast group and a 

33 private key associated with each member node of the multicast group using 

34 secure key exchange; 

35 when an additional member node joins the multicast group, determining a new group 

36 session key by replicating a branch of the second binary tree. 

1 60. (New) A communication system for establishing a secure communication session among 

2 a plurality of member nodes that participate in a multicast group across a wide area 

3 network, the communication system comprising: 

4 a plurality of multicast proxy service nodes, wherein: 
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5 the plurality of multicast service nodes are distributed across the wide area 

6 network; 

7 the plurality of multicast service nodes control when any of the plurality of 

8 member nodes join or leave the multicast group; and 

9 the plurality of multicast proxy service nodes are logically represented by a 

1 0 first binary tree, wherein: 

1 1 each node of the first binary tree is associated with a domain of a 

12 plurality of domains of a directory service that is distributed 

13 across the wide area network; and 

14 each node of the first binary tree is associated with one or more 

1 5 multicast proxy service nodes of the plurality of multicast 

1 6 proxy service nodes; 

1 7 a computer-readable medium comprising one or more instructions which, when 

1 8 executed by one or more processors, cause the one or more processors to carry 

19 out the steps of: 

20 creating and storing a second binary tree that represents the plurality of 

2 1 member nodes, wherein: 

22 each of the member nodes of the plurality of member nodes is 

23 represented by a leaf node of the second binary tree; 

24 the second binary tree is stored in a particular domain of the plurality 

25 of domains of the directory service that is distributed across the 

26 wide area network; 

27 a root node of the second binary tree represents one or more of the 

28 multicast proxy service nodes of the plurality of multicast 

29 proxy service nodes; and 

30 each of the member nodes of the plurality of member nodes is capable 

3 1 of establishing multicast communication and serving as a key 

32 distribution center; 

33 creating and storing a group session key associated with the multicast group 

34 and a private key associated with each member node of the multicast 

35 group using secure key exchange; 
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36 when an additional member node joins the multicast group, determining a new 

37 group session key by replicating a branch of the second binary tree. 

1 61 . (New) A communication system as recited in Claim 60, wherein each of the member 

2 nodes is associated with at least one of the multicast proxy service nodes, wherein each of 

3 the multicast proxy service nodes acts as one of a plurality of group controllers, and 

4 wherein the computer-readable medium further comprises one or more instructions 

5 which, when executed by the one or more processors, cause the one or more processors to 

6 carry out the steps of: 

7 joining an additional group controller to the plurality of group controllers, wherein 

8 each group controller of the plurality of group controllers is a replica of 

9 another group controller of the plurality of group controllers; 

10 establishing, by one of the group controllers, a secure communication channel 

1 1 between one of the group controllers and another of the group controllers 

1 2 using a key exchange protocol ; 

13 receiving a request to add or delete a specified member node of the multicast group 

14 from a load balancer that is coupled to the plurality of group controllers; 

15 creating and storing the new group session key for each member node in each branch 

16 of the second binary tree that is affected by adding or deleting the specified 

1 7 member node from the multicast group; 

1 8 distributing the new group session key from one of the group controllers to the 

19 member nodes that are affected by adding or deleting the specified member 

20 node. 

1 62. (New) A communication system as recited in Claim 61, wherein the instructions for 

2 distributing the new group session key further comprises one or more instructions which, 

3 when executed by the one or more processors, cause the one or more processors to carry 

4 out the steps of: 

5 determining that the specified member node is leaving the multicast group; 

6 determining which of the intermediate nodes of the second binary tree are affected by 

7 the specified member node that is leaving; 
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8 updating only keys associated with the intermediate nodes that are affected by the 

9 specified member node that is leaving; and 

10 sending the new group session key to the leaf nodes of the second binary tree that 

1 1 correspond to the member nodes that are affected by deleting the specified 

12 member node. 

1 63. (New) A communication system as recited in Claim 61, wherein the instructions for 

2 distributing the new group session key further comprises one or more instructions which, 

3 when executed by the one or more processors, cause the one or more processors to carry 

4 out the steps of: 

5 receiving a request message from the specified member node to join the multicast 

6 group; 

7 determining which of the intermediate nodes of the second binary tree are affected by 

8 the specified member node that is joining the multicast group; 

9 updating only keys associated with the intermediate nodes that are affected by the 

10 specified member node that is joining; 

1 1 generating a private key for the specified member node that is joining; and 

12 sending a message comprising the new group session key, the private key, and the 

13 updated keys of intermediate nodes that are affected to the member node that 

14 is joining. 

1 64. (New) A communication system as recited in Claim 60, wherein the instructions for 

2 determining the new group session key further comprises one or more instructions which, 

3 when executed by the one or more processors, cause the one or more processors to carry 

4 out the step of computing a group shared secret key at a first member node of the 

5 plurality of member nodes for use in a public key process and using less than n * (n-60) 

6 messages, where "n" is a number of member nodes in the multicast group, by the steps 

7 of: 

8 generating an intermediate shared secret key by issuing communications to a second 

9 member node of the plurality of member nodes; 

10 sending a first private value associated with the first member node to the second 

1 1 member node; 
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12 receiving from the second member node a second private value associated with the 

13 second member node using the intermediate shared secret key; 

14 generating and communicating a collective public key that is based upon the first 

15 private value and the second private value to a third member node of the 

1 6 plurality of member nodes; 

17 receiving an individual public key from the third member node; and 

18 computing and storing the group shared secret key based upon the individual public 

19 key. 

1 65. (New) A communication system as recited in Claim 64, wherein the instructions for 

2 communicating the collective public key further comprises one or more instructions 

3 which, when executed by the one or more processors, cause the one or more processors to 

4 carry out the step of determining whether the first member node or the second member 

5 node transfers the collective public key based upon an order of entry of the first and 

6 second member nodes into the multicast group. 

1 66. (New) A communication system as recited in Claim 64, wherein the instructions for 

2 computing and storing the group shared secret key further comprises one or more 

3 instructions which, when executed by the one or more processors, cause the one or more 

4 processors to carry out the steps of computing and storing a group shared secret key value 

5 "k" at the first member node according to the relation: 

6 k - C ab mod (q) = p abc mod (q); 

7 wherein: 

8 C, a, b, c, q, and p are values stored in a memory, 

9 C is the individual public key, 

10 a is the first private value of the first member node, 

11 b is the second private value of the second member node, 

12 c is a third private value of the third member node, 

13 p is a base value, and 

14 q is a prime number value. 
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1 67. (New) A communication system as recited in Claim 60, wherein the instructions for 

2 determining the new group session key further comprises one or more instructions which, 

3 when executed by the one or more processors, cause the one or more processors to carry 

4 out the step of computing a group shared secret key, each of the member nodes of the 

5 plurality of member nodes having a private key associated therewith, by the steps of: 

6 communicating a first public key of a first member node of the plurality of member 

7 nodes to a second member node of the plurality of member nodes; 

8 creating and storing an initial shared secret key for the first member node and the 

9 second member node based on a first private key and a second public key that 

10 is received from the second member node; 

1 1 creating and storing information at the first member node that associates the first 

12 member node with a first entity by generating a collective public key that is 

13 shared by the first member node and the second member node, wherein the 

14 collective public key is based on the first private key and a second private key 

1 5 that is derived by the first member node from the second public key; 

16 receiving a third public key from a third member node of the plurality of member 

1 7 nodes that seeks to join the first entity; 

18 creating and storing a final shared secret key based on the collective public key and a 

19 third public key; 

20 joining the first member node to a second entity that includes the first entity and the 

2 1 third member node and that uses secure communication with messages that 

22 are encrypted using the final shared secret key. 

1 68. (New) A communication system as recited in Claim 67, wherein the computer-readable 

2 medium further comprises one or more instructions which, when executed by the one or 

3 more processors, cause the one or more processors to carry out the steps of creating and 

4 storing a subsequent shared secret key for use by the first entity and the third member 

5 node to enable the third member node to independently compute the group shared secret 

6 key, wherein creating and storing the subsequent shared secret key comprises creating 

7 and storing a subsequent shared secret key value, k, according to the relation: 

8 k = p (a * x)(b ^ )(c * z) mod(q) 
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9 where: 

10 p = a random number, 

11 q = a prime number, 

12 a = the first private key, 

13 b = the second private key, 

14 c = a third private key of the third member node, 

15 x = a number of times the first member node has participated in entity 

16 formation, 

17 y = a number of times the second member node has participated in entity 

18 formation, and 

19 z = a number of times the third member node has participated in entity 

20 formation. 

1 69. (New) A communication system as recited in Claim 67, wherein the instructions for 

2 creating and storing the initial shared secret key for the first member node and second 

3 member node further comprises one or more instructions which, when executed by the 

4 one or more processors, cause the one or more processors to carry out the steps of 

5 creating and storing an initial shared public key value "AB" according to the relation: 

6 AB - k ab ab mod (q) = p (ab)(ab) mod (q) 

7 wherein: 

8 k = the initial shared secret key, 

9 a = the first private key, 

10 b = the second private key, 

11 p is a base value, and 

12 q is a randomly generated prime number. 
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1 70. (New) A communication system as recited in Claim 60, wherein the computer-readable 

2 medium further comprises one or more instructions which, when executed by the one or 

3 more processors, cause the one or more processors to carry out the steps of: 

4 authenticating a first multicast proxy service node with a subset of the multicast 

5 proxy service nodes of the plurality of multicast proxy service nodes that are 

6 affected by an addition of the first multicast proxy service node to the 

7 multicast group, based on key information stored in a directory; 

8 wherein authenticating the first multicast proxy service node based on key 

9 information stored in the directory includes authenticating the first multicast 

10 proxy service node based on the directory that comprises a directory system 

1 1 agent (DSA) for communicating with one or more of the multicast proxy 

12 service nodes and a replication service agent (RSA) for replicating attribute 

13 information of one or more multicast proxy service nodes, wherein the 

14 attribute information comprises the group session key and the private keys of 

1 5 the one or more multicast proxy service nodes; 

16 receiving a plurality of private keys from the subset of multicast proxy service nodes; 

1 7 generating a new private key for the first multicast proxy service node; 

1 8 communicating the plurality of private keys and the new private key to the first 

1 9 multicast proxy service node; 

20 communicating a message to the subset of multicast proxy service nodes that causes 

2 1 the subset of multicast proxy service nodes to update their private keys; 

22 distributing the new group session key to all multicast proxy service nodes of the 

23 plurality of multicast proxy service nodes by: 

24 creating and storing the new group session key using a particular multicast 

25 proxy service node of a particular domain of the plurality of domains 

26 of the directory service, wherein the particular domain is associated 

27 with the directory; 

28 replicating the directory; and 

29 obtaining the new group session key from a local multicast proxy service node 

30 that is a replica of the first multicast proxy service node. 
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1 71 . (New) A communication system as recited in Claim 70, wherein the computer-readable 

2 medium further comprises one or more instructions which, when executed by the one or 

3 more processors, cause the one or more processors to carry out the step of selectively 

4 updating the group session key and the private keys by: 

5 detecting whether a member node of the plurality of member nodes that is associated 

6 with one of the leaf nodes is leaving the multicast group; 

7 determining one or more tree nodes along a tree path in the second binary tree that 

8 corresponds to the leaving leaf node, wherein the one or more tree nodes are 

9 affected in response to the detecting step; 

10 updating the private keys of the one or more tree nodes; 

1 1 one of the affected intermediate nodes that is a parent node of the leaving leaf node 

12 generating the new group session key and selectively sending the new group 

13 session key to all ancestral nodes along the tree path; 

14 modifying the key information based upon the updated private keys and the new 

1 5 group session key; and 

1 6 generating instructions that distribute the modified key information using directory 

1 7 replication. 

1 72. (New) A communication system as recited in Claim 70, wherein the computer-readable 

2 medium further comprises one or more instructions which, when executed by the one or 

3 more processors, cause the one or more processors to carry out the step of selectively 

4 updating the group session key and the private keys, wherein the step of selectively 

5 updating comprises: 

6 receiving a request message from a new member node to join the multicast group; 

7 determining one or more tree nodes along a tree path in the second binary tree that 

8 corresponds to a new leaf node in the second binary tree for the new member 

9 node, wherein the one or more nodes are affected in response to the receiving 

10 step; 

1 1 updating the private keys of the one or more tree nodes; 



25 

Docket No. 50325-0108 (Seq. No. 1590) 



Application of Sunil K. Srivastava, Ser. No. 09/728,488, Filed 1 1/30/2000 
Reply to Office Action 



12 one of the affected intermediate nodes that is a parent node of the new leaf node 

1 3 requesting permission from a root node of the second binary tree to generate 

14 the new session key and generating the new group session key and a private 

1 5 key of the new leaf node; 

16 modifying the key information based upon the updated private keys, the new group 

1 7 session key, and the private key of the new leaf node; and 

18 generating instructions that distribute the modified key information using directory 

19 replication. 

1 73. (New) A communication system as recited in Claim 60, wherein the computer-readable 

2 medium further comprises one or more instructions which, when executed by the one or 

3 more processors, cause the one or more processors to carry out the steps of: 

4 storing the group session key associated with the multicast group in a directory of the 

5 directory service; 

6 authenticating a first multicast proxy service node with a subset of multicast proxy 

7 service nodes of the plurality of multicast proxy service nodes that are 

8 affected by an addition of the first multicast proxy service node to the 

9 multicast group, based on the group session key stored in the directory; 

10 receiving a plurality of private keys from the subset of multicast proxy service nodes; 

1 1 receiving the new group session key for the multicast group, for use after addition of 

12 the first multicast proxy service node, from a directory system agent (DSA) of 

13 a local multicast proxy service node that has received the new group session 

14 key through periodic replication of the directory by a replication service agent 

1 5 (RSA) of the local multicast proxy service node, wherein the RS A is signaled 

16 to carry out replication by storing an updated group session key in a local 

1 7 node of the directory; 

18 communicating the new group session key to the first multicast proxy service node; 

1 9 communicating a message to the subset of multicast proxy service nodes that causes 

20 the subset of multicast proxy service nodes to update their private keys. 
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1 74. (New) A communication system as recited in Claim 73, wherein the computer-readable 

2 medium further comprises one or more instructions which, when executed by the one or 

3 more processors, cause the one or more processors to carry out the steps of: 

4 distributing the group session key to all member nodes of the plurality of member 

5 nodes by creating and storing the group session key using a particular 

6 multicast proxy service node of the plurality of multicast proxy service nodes, 

7 wherein the particular multicast proxy service node is associated with a 

8 particular domain of the plurality of domains, and wherein the particular 

9 domain is associated with the directory; 

10 replicating the directory; and 

1 1 obtaining the group session key from a local multicast proxy service node that is a 

12 replica of the particular multicast proxy service node. 

1 75. (New) A communication system as recited in Claim 73, wherein the computer-readable 

2 medium further comprises one or more instructions which, when executed by the one or 

3 more processors, cause the one or more processors to carry out the steps of: 

4 associating a plurality of intermediate nodes of the second binary tree with a plurality 

5 of multicast service agents; 

6 establishing a secure back channel group among the plurality of multicast service 

7 agents; 

8 updating the group session key to all the multicast service agents in the plurality of 

9 multicast service agents by securely communicating the group session key 

10 using a secure back channel that is associated with the secure back channel 

1 1 group; 

12 at each intermediate node of the plurality of intermediate nodes, updating the group 

1 3 session key of only those leaf nodes that are child nodes of said each 

1 4 intermediate node. 
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1 76. (New) A communication system as recited in Claim 73, wherein the computer-readable 

2 medium further comprises one or more instructions which, when executed by the one or 

3 more processors, cause the one or more processors to carry out the steps of 

4 receiving a request for the group session key from a publisher node that is located in a 

5 different domain of the plurality of domains from the particular domain in 

6 which is stored the second binary tree; 

7 determining an identifier of the publisher node using a first directory service agent 

8 that is associated with a particular multicast proxy service node of the 

9 plurality of multicast proxy service nodes, wherein the particular multicast 

10 proxy service node is in the particular domain; 

1 1 establishing a secure communication channel among the particular multicast proxy 

12 service node and a directory service agent that is associated with a different 

1 3 multicast proxy service node of the plurality of multicast proxy service nodes, 

14 wherein the different multicast proxy service node is in the different domain. 

1 77. (New) A communication system as recited in Claim 60, wherein the computer-readable 

2 medium further comprises one or more instructions which, when executed by the one or 

3 more processors, cause the one or more processors to carry out the step of managing 

4 removal of a first member node from the multicast group, by the steps of: 

5 creating and storing the group session key associated with the multicast group and a 

6 private key associated with each member node of the plurality of member 

7 nodes in a directory; 

8 receiving information indicating that the first member node is leaving the multicast group; 

9 updating all affected keys of a subset of member nodes of the plurality of member 

10 nodes in a branch of the second binary tree that contains the first member 

1 1 node that is leaving; 

12 receiving the new group session key for the multicast group, for use after removal of 

13 the first member node, and a new private key for a parent node of the first 

14 member node, from a local multicast proxy service node of the plurality of 

1 5 multicast proxy service nodes; 
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16 communicating a message to the subset of member nodes that causes the subset of 

1 7 member nodes to update their private keys. 

1 78. (New) A communication system as recited in Claim 77, wherein the computer-readable 

2 medium further comprises one or more instructions which, when executed by the one or 

3 more processors, cause the one or more processors to carry out the steps of: 

4 associating a plurality of intermediate nodes of the second binary tree with a plurality 

5 of multicast service agents; 

6 establishing a secure back channel group among the plurality of multicast service 

7 agents; 

8 updating the group session key to all the multicast service agents in the plurality of 

9 multicast service agents by securely communicating the group session key 

10 using a secure back channel that is associated with the secure back channel 

1 1 group; 

12 at each intermediate node of the plurality of intermediate nodes, updating the group 

13 session key of only those leaf nodes that are child nodes of said each 

14 intermediate node. 

1 79. (New) A communication system as recited in Claim 77, wherein the computer-readable 

2 medium further comprises one or more instructions which, when executed by the one or 

3 more processors, cause the one or more processors to carry out the steps of: 

4 receiving a request for the group session key from a publisher node that is located in a 

5 different domain of the plurality of domains from the particular domain in 

6 which is stored the second binary tree; 

7 determining an identifier of the publisher node using a first directory service agent 

8 that is associated with a particular multicast proxy service node of the 

9 plurality of multicast proxy service nodes, wherein the particular multicast 

10 proxy service node is in the particular domain; 

1 1 establishing a secure communication channel among the particular multicast proxy 

12 service node and a directory service agent that is associated with a different 

1 3 multicast proxy service node of the plurality of multicast proxy service nodes, 

14 wherein the different multicast proxy service node is in the different domain. 
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1 80. (New) A communication system as recited in Claim 77, wherein the computer-readable 

2 medium further comprises one or more instructions which, when executed by the one or 

3 more processors, cause the one or more processors to carry out the steps of: 

4 distributing the group session key to all member nodes of the plurality of member 

5 nodes by creating and storing the group session key using a particular 

6 multicast proxy service node of the plurality of multicast proxy service nodes, 

7 wherein the particular multicast proxy service node is associated with a 

8 particular domain of the plurality of domains, and wherein the particular 

9 domain is associated with the directory; 

10 replicating the directory; and 

1 1 obtaining the group session key from a local multicast proxy service node that is a 

12 replica of the particular multicast proxy service node. 

1 81. (New) An apparatus for establishing a secure communication session among a plurality 

2 of member nodes that participate in a multicast group across a wide area network, the 

3 apparatus comprising: 

4 means for receiving information defining a plurality of multicast proxy service nodes, 

5 wherein: 

6 the plurality of multicast service nodes are distributed across the wide area 

7 network; 

8 the plurality of multicast service nodes control when any of the plurality of 

9 member nodes join or leave the multicast group; and 

10 the plurality of multicast proxy service nodes are logically represented by a 

1 1 first binary tree, wherein: 

12 each node of the first binary tree is associated with a domain of a 

1 3 plurality of domains of a directory service that is distributed 

14 across the wide area network; and 

15 each node of the first binary tree is associated with one or more 

1 6 multicast proxy service nodes of the plurality of multicast 

1 7 proxy service nodes; 
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1 8 means for creating and storing a second binary tree that represents the plurality of 

1 9 member nodes, wherein: 

20 each of the member nodes of the plurality of member nodes is represented by 

21 a leaf node of the second binary tree; 

22 the second binary tree is stored in a particular domain of the plurality of 

23 domains of the directory service that is distributed across the wide area 

24 network; 

25 a root node of the second binary tree represents one or more of the multicast 

26 proxy service nodes of the plurality of multicast proxy service nodes; 

27 and 

28 each of the member nodes of the plurality of member nodes is capable of 

29 establishing multicast communication and serving as a key distribution 

30 center; 

3 1 means for creating and storing a group session key associated with the multicast 

32 group and a private key associated with each member node of the multicast 

33 group using secure key exchange; 

34 means for determining a new group session key by replicating a branch of the second 

35 binary tree when an additional member node joins the multicast group. 

1 82. (New) An apparatus as recited in Claim 81, wherein each of the member nodes is 

2 associated with at least one of the multicast proxy service nodes, wherein each of the 

3 multicast proxy service nodes acts as one of a plurality of group controllers, and the 

4 apparatus further comprises: 

5 means for joining an additional group controller to the plurality of group controllers, 

6 wherein each group controller of the plurality of group controllers is a replica 

7 of another group controller of the plurality of group controllers; 

8 means for establishing, by one of the group controllers, a secure communication 

9 channel between one of the group controllers and another of the group 

10 controllers using a key exchange protocol; 

1 1 means for receiving a request to add or delete a specified member node of the 

12 multicast group from a load balancer that is coupled to the plurality of group 

13 controllers; 
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14 means for creating and storing the new group session key for each member node in 

1 5 each branch of the second binary tree that is affected by adding or deleting the 

16 specified member node from the multicast group; 

17 means for distributing the new group session key from one of the group controllers to 

18 the member nodes that are affected by adding or deleting the specified 

19 member node. 

1 83. (New) An apparatus as recited in Claim 82, wherein the means for distributing the new 

2 group session key further comprises: 

3 means for determining that the specified member node is leaving the multicast group; 

4 means for determining which of the intermediate nodes of the second binary tree are 

5 affected by the specified member node that is leaving; 

6 means for updating only keys associated with the intermediate nodes that are affected 

7 by the specified member node that is leaving; and 

8 means for sending the new group session key to the leaf nodes of the second binary 

9 tree that correspond to the member nodes that are affected by deleting the 
1 0 specified member node. 

1 84. (New) An apparatus as recited in Claim 82, wherein the means for distributing the new 

2 group session key further comprises: 

3 means for receiving a request message from the specified member node to join the 

4 multicast group; 

5 means for determining which of the intermediate nodes of the second binary tree are 

6 affected by the specified member node that is joining the multicast group; 

7 means for updating only keys associated with the intermediate nodes that are affected 

8 by the specified member node that is joining; 

9 means for generating a private key for the specified member node that is joining; and 

10 means for sending a message comprising the new group session key, the private key, 

1 1 and the updated keys of intermediate nodes that are affected to the member 

1 2 node that is joining. 
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1 85. (New) An apparatus as recited in Claim 81, wherein the means for determining the new 

2 group session key further comprises means for computing a group shared secret key at a 

3 first member node of the plurality of member nodes for use in a public key process and 

4 using less than n * (n-81) messages, where "n" is a number of member nodes in the 

5 multicast group, wherein the means for computer the group shared secret key further 

6 comprises: 

7 means for generating an intermediate shared secret key by issuing communications to 

8 a second member node of the plurality of member nodes; 

9 means for sending a first private value associated with the first member node to the 

1 0 second member node; 

1 1 means for receiving from the second member node a second private value associated 

12 with the second member node using the intermediate shared secret key; 

13 means for generating and communicating a collective public key that is based upon 

14 the first private value and the second private value to a third member node of 

1 5 the plurality of member nodes; 

16 means for receiving an individual public key from the third member node; and 

17 means for computing and storing the group shared secret key based upon the 

1 8 individual public key. 

1 86. (New) An apparatus as recited in Claim 85, wherein the means for communicating the 

2 collective public key further comprises means for determining whether the first member 

3 node or the second member node transfers the collective public key based upon an order 

4 of entry of the first and second member nodes into the multicast group. 

1 87. (New) An apparatus as recited in Claim 85, wherein the means for computing and 

2 storing the group shared secret key further comprises means for computing and storing a 

3 group shared secret key value "k" at the first member node according to the relation: 

4 k = C ab mod (q) = p abc mod (q); 

5 wherein: 

6 C, a, b, c, q, and p are values stored in a memory, 

7 C is the individual public key, 
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8 a is the first private value of the first member node, 

9 b is the second private value of the second member node, 

10 c is a third private value of the third member node, 

11 p is a base value, and 

12 q is a prime number value. 

1 88. (New) An apparatus as recited in Claim 8 1 , wherein the means for determining the new 

2 group session key further comprises means for computing a group shared secret key, each 

3 of the member nodes of the plurality of member nodes having a private key associated 

4 therewith, wherein the means for computer the group shared secret key further comprises: 

5 means for communicating a first public key of a first member node of the plurality of 

6 member nodes to a second member node of the plurality of member nodes; 

7 means for creating and storing an initial shared secret key for the first member node 

8 and the second member node based on a first private key and a second public 

9 key that is received from the second member node; 

10 means for creating and storing information at the first member node that associates 

1 1 the first member node with a first entity by generating a collective public key 

12 that is shared by the first member node and the second member node, wherein 

1 3 the collective public key is based on the first private key and a second private 

14 key that is derived by the first member node from the second public key; 

1 5 means for receiving a third public key from a third member node of the plurality of 

16 member nodes that seeks to join the first entity; 

17 means for creating and storing a final shared secret key based on the collective public 

1 8 key and a third public key; 

19 means for joining the first member node to a second entity that includes the first 

20 entity and the third member node and that uses secure communication with 

21 messages that are encrypted using the final shared secret key. 
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1 89. (New) An apparatus as recited in Claim 88, further comprising means for creating and 

2 storing a subsequent shared secret key for use by the first entity and the third member 

3 node to enable the third member node to independently compute the group shared secret 

4 key, wherein the means for creating and storing the subsequent shared secret key further 

5 comprises means for creating and storing a subsequent shared secret key value, k, 

6 according to the relation: 

7 k = pC^TO*) mod (q) 

8 where: 

9 p = a random number, 

10 q = a prime number, 

11 a = the first private key, 

12 b = the second private key, 

13 c = a third private key of the third member node, 

14 x = a number of times the first member node has participated in entity 

1 5 formation, 

16 y = a number of times the second member node has participated in entity 

1 7 formation, and 

18 z = a number of times the third member node has participated in entity 

19 formation. 

1 90. (New) An apparatus as recited in Claim 88, wherein the means for creating and storing 

2 the initial shared secret key for the first member node and second member node further 

3 comprises means for creating and storing an initial shared public key value "AB" 

4 according to the relation: 

5 AB = k ab ab mod (q) = p (ab)(ab) mod (q) 

6 wherein: 

7 k = the initial shared secret key, 

8 a = the first private key, 

9 b = the second private key, 

10 p is a base value, and 

11 q is a randomly generated prime number. 
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1 91 . (New) An apparatus as recited in Claim 81, further comprising: 

2 means for authenticating a first multicast proxy service node with a subset of the 

3 multicast proxy service nodes of the plurality of multicast proxy service nodes 

4 that are affected by an addition of the first multicast proxy service node to the 

5 multicast group, based on key information stored in a directory; 

6 wherein the means for authenticating the first multicast proxy service node based on 

7 key information stored in the directory includes means for authenticating the 

8 first multicast proxy service node based on the directory that comprises a 

9 directory system agent (DSA) for communicating with one or more of the 

10 multicast proxy service nodes and a replication service agent (RSA) for 

1 1 replicating attribute information of one or more multicast proxy service nodes, 

12 wherein the attribute information comprises the group session key and the 

13 private keys of the one or more multicast proxy service nodes; 

14 means for receiving a plurality of private keys from the subset of multicast proxy 

15 service nodes; 

16 means for generating a new private key for the first multicast proxy service node; 

1 7 means for communicating the plurality of private keys and the new private key to the 

1 8 first multicast proxy service node; 

19 means for communicating a message to the subset of multicast proxy service nodes 

20 that causes the subset of multicast proxy service nodes to update their private 

21 keys; 

22 means for distributing the new group session key to all multicast proxy service nodes 

23 of the plurality of multicast proxy service nodes by: 

24 creating and storing the new group session key using a particular multicast 

25 proxy service node of a particular domain of the plurality of domains 

26 of the directory service, wherein the particular domain is associated 

27 with the directory; 

28 replicating the directory; and 

29 obtaining the new group session key from a local multicast proxy service node 

30 that is a replica of the first multicast proxy service node. 
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1 92. (New) An apparatus as recited in Claim 91, further comprising means for selectively 

2 updating the group session key and the private keys, wherein the means for selectively 

3 updating further comprises: 

4 means for detecting whether a member node of the plurality of member nodes that is 

5 associated with one of the leaf nodes is leaving the multicast group; 

6 means for determining one or more tree nodes along a tree path in the second binary 

7 tree that corresponds to the leaving leaf node, wherein the one or more tree 

8 nodes are affected in response to detecting whether the member node is 

9 leaving; 

10 means for updating the private keys of the one or more tree nodes; 

1 1 means for one of the affected intermediate nodes that is a parent node of the leaving 

12 leaf node generating the new group session key and selectively sending the 

13 new group session key to all ancestral nodes along the tree path; 

14 means for modifying the key information based upon the updated private keys and the 

15 new group session key; and 

16 means for generating instructions that distribute the modified key information using 

1 7 directory replication. 

1 93. (New) An apparatus as recited in Claim 91, further comprising means for selectively 

2 updating the group session key and the private keys, wherein the means for selectively 

3 updating comprises: 

4 means for receiving a request message from a new member node to join the multicast 

5 group; 

6 means for determining one or more tree nodes along a tree path in the second binary 

7 tree that corresponds to a new leaf node in the second binary tree for the new 

8 member node, wherein the one or more nodes are affected in response to 

9 receiving the request message; 

10 means for updating the private keys of the one or more tree nodes; 
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1 1 means for one of the affected intermediate nodes that is a parent node of the new leaf 

12 node requesting permission from a root node of the second binary tree to 

13 generate the new session key and generating the new group session key and a 

14 private key of the new leaf node; 

1 5 means for modifying the key information based upon the updated private keys, the 

16 new group session key, and the private key of the new leaf node; and 

17 means for generating instructions that distribute the modified key information using 

1 8 directory replication. 

1 94. (New) An apparatus as recited in Claim 81, further comprising: 

2 means for storing the group session key associated with the multicast group in a 

3 directory of the directory service; 

4 means for authenticating a first multicast proxy service node with a subset of 

5 multicast proxy service nodes of the plurality of multicast proxy service nodes 

6 that are affected by an addition of the first multicast proxy service node to the 

7 multicast group, based on the group session key stored in the directory; 

8 means for receiving a plurality of private keys from the subset of multicast proxy 

9 service nodes; 

10 means for receiving the new group session key for the multicast group, for use after 

1 1 addition of the first multicast proxy service node, from a directory system 

12 agent (DSA) of a local multicast proxy service node that has received the new 

13 group session key through periodic replication of the directory by a replication 

14 service agent (RSA) of the local multicast proxy service node, wherein the 

15 RSA is signaled to carry out replication by storing an updated group session 

16 key in a local node of the directory; 

17 means for communicating the new group session key to the first multicast proxy 

1 8 service node; 

19 means for communicating a message to the subset of multicast proxy service nodes 

20 that causes the subset of multicast proxy service nodes to update their private 

21 keys. 
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1 95. (New) An apparatus as recited in Claim 94, further comprising: 

2 means for distributing the group session key to all member nodes of the plurality of 

3 member nodes by creating and storing the group session key using a particular 

4 multicast proxy service node of the plurality of multicast proxy service nodes, 

5 wherein the particular multicast proxy service node is associated with a 

6 particular domain of the plurality of domains, and wherein the particular 

7 domain is associated with the directory; 

8 means for replicating the directory; and 

9 means for obtaining the group session key from a local multicast proxy service node 
1 0 that is a replica of the particular multicast proxy service node. 

1 96. (New) An apparatus as recited in Claim 94, further comprising: 

2 means for associating a plurality of intermediate nodes of the second binary tree with 

3 a plurality of multicast service agents; 

4 means for establishing a secure back channel group among the plurality of multicast 

5 service agents; 

6 means for updating the group session key to all the multicast service agents in the 

7 plurality of multicast service agents by securely communicating the group 

8 session key using a secure back channel that is associated with the secure back 

9 channel group; 

10 means for updating, at each intermediate node of the plurality of intermediate nodes, 

1 1 the group session key of only those leaf nodes that are child nodes of said 

12 each intermediate node. 

1 97. (New) An apparatus as recited in Claim 94, further comprising: 

2 means for receiving a request for the group session key from a publisher node that is 

3 located in a different domain of the plurality of domains from the particular 

4 domain in which is stored the second binary tree; 
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5 means for determining an identifier of the publisher node using a first directory 

6 service agent that is associated with a particular multicast proxy service node 

7 of the plurality of multicast proxy service nodes, wherein the particular 

8 multicast proxy service node is in the particular domain; 

9 means for establishing a secure communication channel among the particular 

10 multicast proxy service node and a directory service agent that is associated 

1 1 with a different multicast proxy service node of the plurality of multicast 

1 2 proxy service nodes, wherein the different multicast proxy service node is in 

1 3 the different domain. 

1 98. (New) An apparatus as recited in Claim 81, further comprising means for managing 

2 removal of a first member node from the multicast group, wherein the means for 

3 managing further comprise: 

4 means for creating and storing the group session key associated with the multicast 

5 group and a private key associated with each member node of the plurality of 

6 member nodes in a directory; 

7 means for receiving information indicating that the first member node is leaving the 

8 multicast group; 

9 means for updating all affected keys of a subset of member nodes of the plurality of 

10 member nodes in a branch of the second binary tree that contains the first 

1 1 member node that is leaving; 

12 means for receiving the new group session key for the multicast group, for use after 

1 3 removal of the first member node, and a new private key for a parent node of 

14 the first member node, from a local multicast proxy service node of the 

1 5 plurality of multicast proxy service nodes; 

16 means for communicating a message to the subset of member nodes that causes the 

1 7 subset of member nodes to update their private keys. 

1 99. (New) An apparatus as recited in Claim 98, further comprising: 

2 means for associating a plurality of intermediate nodes of the second binary tree with 

3 a plurality of multicast service agents; 
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4 means for establishing a secure back channel group among the plurality of multicast 

5 service agents; 

6 means for updating the group session key to all the multicast service agents in the 

7 plurality of multicast service agents by securely communicating the group 

8 session key using a secure back channel that is associated with the secure back 

9 channel group; 

10 means for updating, at each intermediate node of the plurality of intermediate nodes, 

1 1 the group session key of only those leaf nodes that are child nodes of said 

12 each intermediate node. 

1 100. (New) An apparatus as recited in Claim 98, further comprising: 

2 means for receiving a request for the group session key from a publisher node that is 

3 located in a different domain of the plurality of domains from the particular 

4 domain in which is stored the second binary tree; 

5 means for determining an identifier of the publisher node using a first directory 

6 service agent that is associated with a particular multicast proxy service node 

7 of the plurality of multicast proxy service nodes, wherein the particular 

8 multicast proxy service node is in the particular domain; 

9 means for establishing a secure communication channel among the particular 

10 multicast proxy service node and a directory service agent that is associated 

1 1 with a different multicast proxy service node of the plurality of multicast 

12 proxy service nodes, wherein the different multicast proxy service node is in 

13 the different domain. 

1 101 . (New) An apparatus as recited in Claim 98, further comprising: 

2 means for distributing the group session key to all member nodes of the plurality of 

3 member nodes by creating and storing the group session key using a particular 

4 multicast proxy service node of the plurality of multicast proxy service nodes, 

5 wherein the particular multicast proxy service node is associated with a 

6 particular domain of the plurality of domains, and wherein the particular 

7 domain is associated with the directory; 

8 means for replicating the directory; and 
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9 means for obtaining the group session key from a local multicast proxy service node 

10 that is a replica of the particular multicast proxy service node. 
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